A special report by Statewatch
published at the end of February detailed plans for a joint plan
drawn up by the Council of the European Union and the US Federal
Bureau of Investigations (FBI) to introduce a global system for
the surveillance oftelecommunications
- phone calls, e-mails and faxes. Further investigations have
revealed that:

a. The decision to go ahead was
never discussed by theCouncil
of Justice and Home Affairs Ministers - it wassimply
agreed by "written procedure" through an exchange of
telexes between the 15 EU governments.

b. The "Requirements"
to be placed on network and service providers by the European
Union to enable the surveillance of communications adopted on
17 January 1995 - and not made public until November 1996 - is
based on the "Requirements" drawn up by the FBI in
1992 (and revised in 1994).

The first attempt by the FBI
in the United States to get through a new law to allow for the
surveillance of all telecommunications was withdrawn from the
Congress in June 1991. In March 1992 a redrafted proposal, the
Digital Telephony Bill, was sent to the Congress but after major
opposition by civil liberties groups it was quietly withdrawn
in the autumn of 1992 just before the Presidential election which
saw Clinton returned to the White House.

Part of the FBI's campaign for
these new powers included its report, "Law Enforcement REQUIREMENTS
for the surveillance of electronic communications" (emphasis
in original) put out in June 1992. During 1993 the FBI arranged
a meeting in Quantico, USA attended by EU representatives plus
Canada, Sweden, Norway, Finland, Hong Kong, Australia, New Zealand
and the USA. In March 1994 the FBI released a new draft proposal
ironically renamed: "The Digital Telephony and Privacy Improvement
Act". An updated version of the "REQUIREMENTS"
were issued by the FBI in June 1994. By early August 1994 the
FBI proposal, to be renamed again as "The Communications
Assistance for Law Enforcement Act", was formally introduced
and on 25 October 1994 President Clinton signed it into law -
which placed on the statute book identical powers to those adopted
by the EU in January 1995.

EU
slow to catch up

It was not until June 1993 that
the EU Trevi Ministers, meeting for the last time in Copenhagen,
addressed the subject seriously. They agreed the text of a "questionnaire
on phone tapping" to be sent to each Member State in July
1993 and to the new members (Finland, Sweden and Austria) in
September 1993. The issue was also raised at the "Friends
of Trevi" meeting in Copenhagen attended by Deputy Attorney
General Philip Heymann from the USA. However, this EU report
was not completed until November 1995. When the new Council of
Justice and Home Affairs Ministers held its first meeting in
November 1993 in Brussels the Resolution they adopted on "The
Interception of Communications" clearly expressed their
concern:

"The Council: 1. calls upon
the expert group to compare the requirements of the Member States
of the Union with those of the FBI. 2. agrees the requirements
of the Member States of the Union will be conveyed to the third
countries which attended the FBI meeting at its headquarters
in Quantico in order to avoid a discussion based solely on the
requirements of the FBI."

On 3 March 1994 the K4 Committee,
followed by COREPER (the committee of Permanent Representatives
of the 15 EU governments) on 10 March 1994, agreed a draft Recommendation
calling for a study "to be made of the different technical
PSCS-interception possibilities (PSCS, Personal Satellite CommunicationsServices)". In the event the
Council of Justice and Home Affairs Ministers on 23 March 1994
discussed, but did not adopt, the Recommendation (not to be confused
with the later "Resolution"). On 14-15 April it was
back on the agenda of the K4 Committee and on COREPER's on 27
April 1994 which cleared "the text of a confidential letter
to be sent by the President of the JHA Council to the President
of the Telecommunications Council." In simple terms this
meant, as Greece then held the EU Presidency, one Greek Minister
sending a "confidential" letter to another Greek Minister
in their respective roles as "Presidents" of two different
Councils of Ministers.

What had been clear for some
time was now transparent. For more than five years it had been
clear to the US government and the EU governments that the combination
of new satellite-based telecommunications and, for the Europeans,
the privatisation of state-owned telephone companies, combined
with the explosion in the use of mobile phones and the impending
launch of e-mail via the Internet presented a new challenge for
interception by the "law enforcement agencies".The Council of Justice and Home
Affairs Ministers did not consider the issue again.

This was despite the decision
of the K4 Committee on 19-20 December 1994 that:

"The Committee agreed to
suggest to Coreper and the Council that the above draft Resolution
("Draft Council Resolution on the lawful interception of
telecommunications") be adopted as an "A" item."
[An "A" item is adopted without debate in the Council
of Ministers]

The next day, 21 December 1994
a decision was taken, under the German Presidency, not to wait
for the next Council meeting in March 1995 but to adopted the
"Resolution" setting out the "Requirements"
by "written procedure". The "written procedure"
process of decision making meant that the draft Resolution was
sent out by telex from Brussels to each Member State. On 9 January
a further telex attached two statements by Denmark and France
for agreement, and a final telex with a statement by the Netherlands
was telexed out on 18 January - the day after the official adoption
of the measure on 17 January 1995.

No publicity was given to this
decision at the time. On 9 July 1996 the K4 Committee's Police
Cooperation Working Party proposed that the Resolution should
be published in the Official Journal of the European Communities
which it was in November 1996. This is the same Working Party
which had reported in June 1995 that the new system should be
able to:

""tag" each individual
subscriber in view of a possibly necessary surveillance activity."

and that a major problem was
that:

"initial contacts with various
consortia... has met with the most diverse reactions, ranging
from great willingness to cooperate on the one hand, to an almost
total refusal even to discuss the question... it is very urgent
for governments and/or legislative institutions to make the new
consortia aware of their duties. The government will also have
to create new regulations for international cooperation so that
the necessary surveillance will be able to operate." [emphasis
added]

By the summer of 1996 the EU
was beginning to catch up with the US. The European Telecommunications
Standards Institute (ETSI) prepared the first of several drafts
of a document entitled, "Requirements for Trusted Third
Party Services" at its meeting on 15-16 July 1996. At the
November 1996 meeting of the Council of Justice and Home Affairs
Ministers a text was agreed to send out to the equivalent international
standards bodies with the Resolution detailing the "Requirements",
the IEC, ISO and ITU, informing them that EU Member States would
be applying "these requirements to network operators and
providers of services." If the significance, and global
implications, of this new system was in any doubt Version 4 of
the "Requirements for Trusted Third Party Services"
prepared by ESTI, dated 25 November 1996dispelled
it:

"There is a need to facilitate
the growing importance and development of electronic commerce,
the European Information Infrastructure (EII) and the Global
Information Infrastructure (GII) by the introduction of suitable
measures to safeguard the integrity and confidentiality of electronic
information."

And on "Lawful Interception":

"Lawful interception of
telecommunications traffic is commonly recognized as an important
instrument to fight crime and to assure national security. Law
Enforcement Agencies (LEAs) have the need to intercept incoming
and outgoing telecommunications traffic, which is transported
via telecommunications networks, without knowledge of eg: the
interception subjects and the foreign country or countries involved".

To complete the strategy and
ensure global compliance to the new, "tappable", telecommunications
standards the EU led on drawing up a "Memorandum of Understanding"
to extend the EU-US system to non-EU countries which were invited
to adopt the same "Requirements" for network and service
providers. The contact addresses for signatory countries and
for further information, which confirms the EU-USA link, should
be sent to:

"a) Director Federal Bureau
of Investigation,

Attention: Information Resource
Division,

10 Pennsylvania Avenue, N.W.,

Washington D.C. 20535

b) General Secretary of the Council
of the European Union, FAO The President,

Rue de la Loi 175,

B-1048 Brussels,

Belgium."

The number of signatories to
the "Memorandum" is open-ended, any country can join
providing the existing member states agree. It invites "participants"
because "the possibilities forintercepting
telecommunications are becoming increasingly threatened"
and there is a need to introduce "international interception
standards" and "norms for the telecommunications industry
for carrying out interception orders" in order to "fight..
organised crime and for the protection of national security."

By October 1996 Australia, Canada
and the US had informed the European Council in Brussels of their
support for the"Requirements",
Norway had signed the "Memorandum ofUnderstanding",
and Hong Kong and New Zealand are "considering the means
by which they could support the "Requirements"."
Ongoing meetings of "experts" from these six countries
and the EU are being organised under the "informal title
of ILETS (International Law Enforcement Telecommunications Seminar)".

The
FBI "Requirements"

A comparison of the "Requirements"
and the "Glossary" in the Resolution adopted in January
1995 by the EU and the two reports by the FBI entitled: "Law
Enforcement REQUIREMENTS for the surveillance of electronic communications"
(June 1992 and June 1994) shows them to be the same in almost
every respect. The only difference is that the EU's "Requirements"
have a couple of additional provisions to cover the linking of
differenttelecommunications
providers (eg: Germany, Austria and Spain). Some of the terminology
is quaint. The term "law enforcement agencies", a American
term, is used in both but is not defined in the EU version. It
can be presumed to cover police, intelligence agencies (MI6 and
GCHQ), internal security agencies (MI5), customs, tax, and immigration
agencies. The US-FBI use of the term "transparency"
has strange ring in European understanding, it is taken to mean
ensuring that the subjects of the interception are "unaware
of ongoing electronic surveillance".

The nine "Requirements"
in the FBI report are directly repeated in the EU's ten "Requirements"
with similar or in some cases the same terminology. For example,
the EU's "Requirement" no 1 says:

"Law enforcement agencies
require access to the entiretelecommunications
transmitted, or caused to be transmitted, to and from the number
or other identifier of the target service used by the interception
subject."

The FBI's "Requirement"
no 1 says:

"Law enforcement agencies
require access to the electronic communications transmitted,
or caused to be transmitted, to and from the number, terminal
equipment, or other identifierassociated
with the intercept subject... "

The Chair of the Select Committee
on the European Communities in the House of Lords, Lord Tordoff,
took up the "Memorandum" with the Home Secretary, Michael
Howard, in an exchange of letters on the Committee_s access to
documents for scrutiny. On the subject of the "Memorandum
of Understanding on the Legal Interception of Telecommunications"
Mr Howard told Lord Tordoff:

"The Memorandum of Understanding
is a set of practical guidelines to third countries on the lawful
interception oftelecommunications.
It is not a significant document and does not, therefore, appear
to meet the criteria for Parliamentary scrutiny of Title VI documents."
(emphasis added)

It is quite clear from this Briefing
that the "Memorandum" is not an insignificant document
concerning as it does a EU-US plan for global telecommunications
surveillance.

After the Guardian newspaper
carried a front-page report on Statewatch's research Mr Howard
wrote the following letter to the paper:

We have never disguised the fact
that interception of communications is an important tool in the
fight againstorganised crime
and, clearly, we need to ensure that we can keep up as organised
criminals and their means of communication become increasingly
sophisticated and international. But that does not justify the
alarmist tone of your article, which confused a number of separate
issues.

The UK is not party to any agreements
concerning ourinterception
of calls outside this country. Nor do we allow calls here to
be Intercepted by foreign governments. The International User
Requirement, which outlines recommended technical standards for
lawful interception, far from being a secret document, was published
in the EU Official Journal last year and repeated, in substance,
in a document which has been placed In the libraries of both
Houses of Parliament. Similarly, there is no secrecy attached
to the Government's proposals on encryption which were announced
last June and will be set out in a consultation paper which will
be published shortly.

It is no secret that discussions
are taking place within the EU context about how current interception
capability can be maintained as the use of "satellite"
phones increases. Any changes to our interception regime to take
account of this will almost certainly require domestic primary
legislation, giving Parliament and the public full opportunity
to discuss these matters." Michael Howard (MP), Home Secretary,
Queen Anne's Gate, London SW1H 9AT.

Statewatch's editor replied:

"Your report of our research
on the new EU-FBI globaltelecommunications
surveillance system (25 February) is termed "alarmist"
by the Home Secretary Mr Howard (1 March).

Faced with a new generation of
satellite-based telecommunications for phone calls, e-mails and
faxes the EU Council of Ministers have laid down new standards
for manufacturers and service providers if they want to getcontracts. These "Requirements"
will create a system which can monitor everyone and every form
of communication and it is one which Mr Howard admits will require
"primary legislation" to update the 1985 Interception
of Communications Act.

Mr Howard says the new measure
was deposited in parliament but this was after it had been agreed.
He failed to refer the Resolution setting up this system to the
Select Committee on the European Communities for parliamentary
scrutiny when it was being discussed in the K4 Committee in April,
November and December 1994. Or before it was discussed by the
Council of Justice and Home Affairs Ministers in March 1994 and
or finally agreed, in an unpublicised decision, by "written
procedure" via telexes sent out from the Council in Brussels
in January 1995. It was "secret" until it had been
adopted without any parliamentary scrutiny. Mr Howard says "The
UK is not party to any agreementsconcerning
our interception of calls outside this country. Nor do we allow
calls here to be intercepted by foreign governments". Clause
2.3.d of the Police Bill currently before parliament would allow
the tapping of phones and communications (and entry into homes
and offices) on behalf of any "law enforcement agency"
in the world. The UK does not allow interception by "foreign
governments" it will do it for them.

He also seems to be unaware of
the 1948 UKUSA agreement whereby the UK's GCHQ in Cheltenham
and the US National Security Agency (NSA) at Menwith Hill in
Yorkshire and Morwenstow in Cornwall routinely intercept telecommunications
including e-mails and faxes (through the ECHELON network).

The "Memorandum of Understanding"
drawn up by the EU and the FBI extending the system to non-EU
states like Canada, Australia, New Zealand, Norway, the USA and
Hong Kong, is in Mr Howard's words "not a significant document".

People and parliament might have
been "alarmed" if they had been told what was going
on." Tony Bunyan, Editor, Statewatch (paras 4, 5 & 6
were not printed)

Mr Howard did not reply.

Conclusion

Whether the EU effectively adopted
in 1995 the "Requirements" drafted by the FBI back
in 1992 is perhaps not the issue. What is however is that while
in the US the taking of new, intrusive, surveillance powers by
the "law enforcement agencies" was debated and adopted
through their democratic process, in the EU the decision was
taken in secret by "written procedure" with no democratic
discussion at all in the parliaments of the European Union.

Sources: Publication of Council
Resolution of 17 January 1995 on the lawful interception of telecommunications,
Report from Police Cooperation Working Party to Steering Group
II, 8977/96, Limite, ENFOPOL 121, 11.7.96; Interception of communications,
report to COREPER, ENFOPOL 40, 10090/93, Confidential, 16.11.93;
Memorandum of Understanding concerning the lawful interception
oftelecommunications,
ENFOPOL 112, 10037/95, Limite, 25.11.95; Legally permitted surveillance
of telecommunications systems provided from a point outside the
national territory, report from the UK delegation to the Working
Group on Police Cooperation, ENFOPOL 1, 4118/95, Restricted,
9.1.95; Electronic Privacy Information Center, Washington, USA;
Chapter 4, "Pre-Wiretapping Telephones", by David Banasar
in Electronic Privacy Sourcebook (forthcoming, June 1997), John
Wiley and Sons, NY. Copies of Statewatch's interim report on
"European Union and FBI launch global surveillance system"
are available for £2.00 (inc p&p).

CHRONOLOGY

June 1991: first FBI Bill withdrawn
from US Congress

June 1992: FBI produced "Law
Enforcement REQUIREMENTS for the surveillance of electronic communications"

Autumn 1992: second FBI Bill
withdrawn from US Congress

1993: FBI host a seminar in Quantico
attended by the EU

29-30 November 1993

The first meeting of the new,
post-Maastricht, Council of Justice and Home Affairs Ministers
meeting in Brussels adopt a Resolution calling on experts to
compare the needs of the EU "with those of the FBI"

March 1994: The Council of Justice
and Home Affairs Ministers discuss but do not adopt a draft Recommendation
of principle August 1994: third, and successful Bill introduced
in US Congress April, November and December 1994: The K4 Committee
discusses the draft Resolution on the lawful interception of
telecommunications and the "Requirements" to be placed
on network and service providers

October 1994: US Bill passed
and signed by Clinton

November 1994: The K4 Committee
discusses the draft "Memorandum of Understanding with third
countries".

17 January 1995: The Resolution
on the "Requirements", never discussed by the Council
of Ministers is adopted by "written procedure". It
is not published in any form until 4 November 1996 when it appears
in the Official Journal.

23 November 1995: The Council
of Justice and Home Affairs Ministers agree the "Memorandum
of Understanding". It is not published in any form

7 May 1996: Michael Howard, the
Home Secretary, tells the Chair of the Select Committee on the
European Communities in the House of Lords that the "Memorandum
of Understanding on the legal interception of communications"
is "not a significant document". 28 November 1996:
The Council of Justice and Home Affairs Ministers agree the text
of a letter to be sent out to other potential "participants"
(countries) in the "Memorandum of Understanding".

K4 Committee: Also set up under
the Maastricht Treaty to coordinate the work on the "third
pillar" - policing, immigration and asylum, and legal cooperation.
Is comprised of senior officials from Interior Ministries and
prepares report to go to the Council. Under the K4 Committee
there are three Steering Groups covering policing and customs,
immigration and asylum, and legal cooperation (civil and criminal)
to which a series of Working Groups report.

COREPER: the Committee of Permanent
Representatives from each EU state based in Brussels.